package com.itbaizhan.springsecuritydemo1.Hander;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.web.session.InvalidSessionStrategy;

import java.io.IOException;

public class MyInvalidSessionStrategy implements InvalidSessionStrategy {
    @Override
    public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        System.out.println("会话过期");
        //需要创建session对象，在上面会话过期之后，session对象被清除，不创建session对象只会一直重复
        request.getSession();
        response.sendRedirect("/login");
    }
}
